CVE-2021-21646

Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM...

PT-2021-14689 · Jenkins · Script Security Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Templating Engine Plugin versions 2.1 and earlier Description: The issue allows attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. This is due to the lack of protection for...